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For example, most providers require an individual to complete a lengthy form 

to obtain personal information, such as payer information, and personal health history 
or record, a process which is both time-consuming and costly, both for the individual 
who is seeking health services and for the provider. Moreover, if an individual 
changes providers, the individual will need to complete another form for the new 
provider. In addition, in some instances, because of an individual's unfamiliarity with 
medical terms, an individual may not be able to provide information, such as tests 
performed, to a new provider. As a result, the new provider may perform a test again, 
a process which may result in additional costs for the payer, such as an insurance 
company. 

Moreover, in an emergency, as described above, a provider may not be able to 
quickly access an individual's health records to determine, for example, if the 
individual is allergic to a particular drug. 

Furthermore, in some cases, an individual may fraudulently use a relative's 
payer card, such as an insurance card, to obtain healthcare services from a provider. 
Since most providers do not compare an individual's identity with the payer card, an 
individual may present a relative's payer card to a provider and receive health services 
from the provider. The provider may charge the payer associated with the payer card 
for the services rendered and the payer may in turn pay the provider. This results in 
fraud, which if not detected, may result in additional costs for the payer. 

Accordingly, there is presently a need for a system, method, and article of 
manufacture for identifying an individual and managing an individual's health records 
easily, quickly, and in a cost-effective manner. 
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The presenr invention provides a Method, system, and article of manufacture 
for identifying an individual Md ^ ^ ^ ^ 

merhod indudes storing health date of anhtdividualonastoregemediun, The 
methodalaoindndes logging i„ tothe storage memu^ to mamtge the health date 
rtoredonn,ertorag e rned to a„ dnmagingtheheallhdataontestoragemedium 

The present invention also indudes a system for identifying . individu- ^ 
"-aging health records of ft. individual. The system includes nteans for storing 
h ~°™dum„„astomgeme^^ 
logging into the storage medium to manage the health date stored on the storage 
medium and means for managing the health date on the storage medium. 

Moreover, the present invention provides a computer-readable medium 

individual ami managing heahh recnnb of the individual. The method include, 
^^^ofan to d M dttel M . storage ^ ttel ^ alsoiiKlii(les 
logging into the stornge medium to manage the heahh date stored on the storage 
medium and managing the health data on the storage medium. 

brief nr.srpifT. on m ^ m f w ^ 

Tie accompanying drawings are incon-orated in and constitute a part of this 
^^^^^^^^^^ 
of the invention. In the drawings, 

FIG. 1 isadiagramofan exemplary network environment in which features of 
the present invention may be implemented; 
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FIG. 2 is an exemplary block diagram illustrating components of the client 
terminal 1 02 that is shown in FIG. 1 ; 

FIG. 3 is an exemplary block diagram illustrating components of the health 
management system 106 that is shown in FIG. 1; 

FIG. 4 is an exemplary flowchart illustrating the steps involved in enrolling an 
individual with a payer plan;; 

FIG. 5 is an exemplary flowchart illustrating the steps involved in using a 
storage medium, such as a card, in accordance with the present invention; 

FIG. 6 is an exemplary block diagram illustrating components of a provider 
terminal; and 

FIG. 7 is another diagram of an exemplary network environment in which 
features of the present invention may be implemented. 

DETAILED DESCRIPTION 

The following detailed description of the invention refers to the accompanying 
drawings. While the description includes exemplary embodiments, other 
embodiments are possible, and changes may be made to the embodiments described 
without departing from the spirit and scope of the invention. The following detailed 
description does not limit the invention. Instead, the scope of the invention is defined 
by the appended claims and their equivalents. 

The present invention provides a system, method, and article of manufacture to 
identify an individual and to manage an individual's health records easily, quickly, and 
in a cost-effective manner. For example, with the use of the present invention, an 
individual may store his personal and health information on a storage medium, such as 
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■5- 



SUBSTITUTE SHEET (RULE 26) 



WO 01/14974 PCT/USOO/23028 

activated or reconfigured by program code to provide the necessary functionality. The 

processes disclosed herein are not inherently related to any particular computer or 
other apparatus, and may be implemented by a suitable combination of hardware, 
software, and/or firmware. For example, various general purpose machines may be 
used with programs written in accordance with teachings of the invention, or it may be 
more convenient to construct a specialized apparatus or system to perform the 
required methods and techniques. 

The present invention also relates to computer readable media that include 
program instruction or program code for performing various computer-implemented 
operations based on the methods and processes of the invention. The media and 
program instructions may be those specially designed and constructed for the purposes 
of the invention, or they may be of the kind well-known and available to those having 
skill in the computer software arts. The media may take many forms including, but 
not limited to, non-volatile media, volatile media, and transmission media. Non- 
volatile media includes, for example, optical or magnetic disks. Volatile media 
includes, for example, dynamic memory. Transmission media includes, for example, 
coaxial cables, copper wire, and fiber optics. Transmission media can also take the 
form of acoustic or light waves, such as those generated during radio-wave and infra- 
red data communications. Examples of program instructions include both machine 
code, such as produced by compiler, and files containing a high level code that can be 
executed by the computer using an interpreter. 

FIG. 1 is a diagram of an exemplary network environment in which features of 
the present invention may be implemented. The network environment includes client 
terminal 102 and health management system 106, which are interconnected by 
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networh.04. Network ^^^^^^ 
network, -* as *. ^ „ ^ „ ^ , ^ ^ ^ ^ 
or a Wide Area Ne*vo,k (WAN), for example . ^ „ ^ „ ^ ^ 
»«o nS a reta o™ tottosesmedintheanandaredsowjthjithe ^ <)f 
•he preS en. tovenam , For exampie, fc « of ae htemel md ^ ^ 

Wide Wee. ("Web, is wide* k™. The web is a diluted system ^ 

webse„er S a„d»ebc li e» t s.We bs e rV e re a re so ft „a re app UcationstllatsuppoIt 
eo m no„ pro ,oeo, s , s „eb as „ ypeitatTransl)ortprotoco|(HTip) ^ 

web serve, make documente, such . d _ fc ^ ^ ^ ^ 

(HTML,, and che, rasoumes availaM£ ,„ ^ ^ ^ ^ ^ ctaK ^ 

sofW^c^suebasab^^^^^^^^^^ 
example. 

Moreover, white the components of no . , ^ ^ ^ ^ ^ 
skUied i„ the art wollM ^ ^ ^ js asMdaKi ^ ^ 

physical devices. For example, client terminal iOZmaybeapn^^^ 
apersona 1 = om p Ut e r , ahOTdheldMmputeral ^ ormy ^ ted ^^ to 
those skilled in the art. 

A S sbow n mn0.2,mecUen,tenm»a 11 02 1 navinc W eab r owser2 1 0,soe h 
as a world wide web browser like NETSCAPE NAVIGATOR and/or INTERNET 
EXPLORER; other software and data storage 220; at least one input device 230, such 

asakeyboaraoramouseia.I.as.oneconunuracafto,, device 240, such asamodem 

wor kta te rf acecard OTC );a,Iea s ,„nep ro oe SS or260; memory 250; and a, 
.east one outpu, device 270, such as a monitor; a„ of which ma, communicate with 
eachomecforexamplevra a communication bus 280. Theciien, tenniua, ,02 a.. 
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may include a reading and writing device 290, such as a device for reading and writing 

to a smart card, and/or a biometric device 295. The biometric device 295 may be, for 

example, a finger scanner that is used to scan an individual's fingerprint pattern for 

authentication purposes. The memory 250 may be random access memory (RAM), 

read only memory, or both. Other client terminals and their components are known to 

those skilled in the art and are also within the scope of the present invention. For 

example, it is known to one skilled in the art that in order for the biometric device 295 

to interface with the client 102, software drivers may be needed. 

Health management system 106 shown in FIG. 1 will be described now. As 

shown in FIG. 3, the health management system 106 includes a web server 305 and a 

storage server 335, which are connected to each other via a non-routed network 330, 

such as a non-routed LAN. The web server 305 includes authentication component 

3 1 0, certificate component 3 1 5, health management component 320, and auditing and 

reporting component 325. The storage server 335 may include a database 340 and an 

audit log 345. The data associated with an individual is stored in the database 340. 

Since, the non-routed network 330 may not be accessed directly from the network 

104, such as the Internet, this provides a more secure computing environment because 

unauthorized individuals will not be able to gain access to the database 335 and audit 

log 345. Although not shown, both the web server 305 and the storage server 335 also 

may have an administration component for administering the various components. 

Moreover, in FIG. 3, the various components are shown to exist on a single web 

server 305 and a single storage server 335; however, it is known to one skilled in the 

art that these components may exist on multiple servers to assist in load balancing, for 

example. 
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certificate authority 350 may be used as the certificate authority. All interaction with 

the certificate authority may be based on, for example, public-key cryptography 
standards (PKCS) and as a result, the present invention may be compliant with all 
PKCS compliant certificate authorities. In one embodiment of the present invention, 
the private key associated with a certificate may be stored on an individual's card, such 
as a smart card. This allows for greater mobility. The process of storing the private 
key will be described later. 

The auditing and reporting component 325 shown in FIG. 3 will be described 
now. The auditing and reporting component 325 may provide an interface to all of the 
other components shown in FIG. 3 in order to provide report information on selected 
or all data fields. Access to the reports themselves may be audited and restricted to 
authorized individuals, such as administrators, who have successfully authenticated 
into the health management system 106. For example, when an individual attempts to 
access a report, the individual may be required to enter a user name and an 
authentication token. After the individual provides the requested information and 
after the information has been verified, the individual may be given access to the 
report. In one embodiment, the auditing and reporting component 325 may provide e- 
mail alerts to administrators. These alerts may notify the administrator, for example, 
of repeated authentication failures. 

As described in the foregoing description, the present invention provides an 
individual with a storage medium, such as a smart card, for use as a payer card. The 
smart card may have the individual's personal as well as health information stored on 
it, which may be later retrieved by a provider, for example. Normally, an individual 
enrolls in a payer plan, such as a health insurance plan, through an enroller. An 
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component 320 may present web pages, such as a web enrollment form or application, 
asking the individual for enrollment information, as indicated by a step 420. Some of 
the enrollment information on the form may be already filled in depending on, for 
example, whether the enroller established an individual account for the individual. If 
some or all the enrollment information is already filled in the form, the individual may 
be asked to verify this information and correct it if necessary. The enrollment 
information may include, but is not limited to, the individual's name, address, date of 
birth, social security number, information about spouse and children, information 
about the payer plan that the individual desires to enroll in, and information about the 
individual's primary physician and dentist, for example. In addition, the enrollment 
information may also include employer information if the individual is enrolling 
through an employer, for example. In step 420, an account, if one already does not 
exist, may be created for the individual. The account information is stored in the 
database 340. 

Next, in a step 425, the enrollment information is stored in the database 340 
and sent to the payer. The information may be sent in a variety of ways. For example, 
the information may be sent electronically, such as via e-mail, or manually, such as 
via U.S. mail. If the information is sent electronically, the health management system 
106 may generate an e-mail and send it via network 104 to the payer. These and other 
ways of sending information are known to one skilled in the art and are also within the 
scope of the present invention. 

Upon receipt of the information from the health management system 106, the 
payer may enroll the individual in the payer plan selected by the individual, as shown 
in a step 430. Although not shown in FIG. 4, if there are any problems with enrolling 
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step 440. If the card also will be used as a credit card, for example, the individual also 
may need to provide salary information to the credit card company. The use of the 
card is not limited to a credit card only, other uses will be apparent to one skilled in 
the art and such uses are also within the scope of the present invention. For example, 
the card may be used for entry into the individual's employer's building, as a library 
card, or a copy card. Moreover, the card may be issued by the enroller or the payer. 

Next, in a step 445, the card issuer may issue the card to the individual. 
Although not shown in FIG. 4, if the card issuer needs to verify information or needs 
additional information, the card issuer may ask for additional information from the 
health management system 1 06, for example. The transfer of information between the 
card issuer may be accomplished in a manner similar to transfer of information 
between the payer and the health management system 106. 

Then, in a step 450, after receiving the card, the individual may login to the 
health management system 106 using client 102, for example, to activate the card. 
Once logged in, the individual may select the option of completing the enrollment 
process, for example, as shown in a step 455. The health management component 320 
may present a web page asking the individual for information regarding the 
individual's health. For example, the component 320 may ask the individual for the 
individual's health history and information about any drugs that the individual is 
allergic to. Some or all of the individual's enrollment, payer, and health information 
may be downloaded to the card in this step for retrieval and update by a provider, for 
example. In this step, the individual, the enroller, or the payer also may be given the 
option of selecting the information that needs to be stored on the card and the means 
of accessing that information. For example, in one embodiment, the individual's 
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losses his card and a new card needs to be issued to the individual. As a result, when 

the information is being transferred to the card, some or all of the information, such as 

the private information, may be encrypted by the private key and then, stored on the 

card. As a result, if a provider, such as doctor, wants access to the private 

information, for example, the individual may need to login to his card to retrieve the 

private key so that the individual's information may be decrypted by using the private 

key and presented to the provider. Consequently, the present invention secures an 

individual's personal information and provides access to this information only after 

authentication by the individual. 

Once the information is downloaded on the card, a message may be sent both 
to the payer and the card issuer, to let them know that the card has been received and 
to activate the card., as indicated in a step 460. The message may be, for example, 
digitally signed using the individual's private key. After the message is sent, the 
individual is ready to use the card, and the enrollment process is complete, as 
indicated by a step 465. The above process is intended to be illustrative of the 
features of the present invention as opposed to limiting it in any manner. For 
example, the steps do not have to be performed in the described order. 

An example and FIG. 5 will be used now to describe the process of using a 
card of the present invention. In this example, it is assumed that an individual desires 
to visit a provider, such as a doctor. The provider may have a provider terminal 
similar to the client terminal 102 shown in FIG. 2. The components of a provider 
terminal 600 are shown in FIG. 6. The components shown in FIG. 6 are similar to 
FIG. 2 with the exception of the provider component 697. The provider component 
697 may be implemented, for example, using software, such as Java applets. In a step 
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505, the provide, compos, 697 may aak (he individual to ^ Ms ^ tao fc . 
reading and writing device 690. If (he eard has pubiic and private information, . 
described above, (he pubhc infamation wil, be mediately available ,o (he provide,, 
and the pnavide, amy be able (o ,ead .his infonnation, as shot™ in a step 51 0. If one 
ptovide, does n„ t need any info^adon, such ^ d,e priva,e infonnaSon, 
process may be complete, as indicated by steps 535 and 540. 

If, however, the provider wants access (o the private information, the provide, 
may ask the individual ,o authemicate, as indicated by steps 51 5 and 520. Fo, 
axample, if biometeic audtemication la being used, me provider component 697 may 
ask the mdividual to place hia flnge,, for example, „„ <h e hiomenic device 695. Tne 

steps 525 and 530. Conversely, if the image doea no, match, the individual may he 
asked to try again. 

If encryption is also being used, aSe, authentication, the private key may be 
used (o demyp, the private infonnation before Renting i, ,„ the provider . ^ 
provider may eirhe, print and/o, tiansfe, tire retrieved mformation (o the pmvide* 

own system. Once the information has been rc-trW^ «. 

uon nas Deen retrieved, the provider component 697 

may insmuc, the individual ,o take omhiscacd from me making and writing device 
290 to indicate that tire proceas ia complex aa indicated by steps 535 and 540. 

In another embodiment afte, the pmvide, is finished wi(h (he (matinem, fo, 

697 and the mading and writing device 290. Updating the individual's csxd win 
ensure ma, cmrnn, infomtation about (he individual's health is stomd on the cacd. 
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In still another embodiment, as shown in FIG. 7, the provider terminal may be 

connected to the health management system 106 via network 104, for example. One 

advantage of this embodiment is that in addition to updating the information on an 

individual's card, the provider may be able to update the information in the database 

340. Another advantage is that if a card has a limited storage space, a provider may be 

able to access some information from the database 340 after the individual 

authenticates in addition to the information from the card. 

The present invention, as described above, provides several advantages. One 
advantage is that an individual's health records may be managed easily and quickly. 
For example, with the present invention, a provider may not need to ask an individual 
to complete a lengthy form to obtain personal information from the individual because 
such information can be retrieved from the card. As a result, the provider and the 
individual save time and costs are reduced.. 

Another advantage is that since the health information is stored on the card, 
redundant tests may be reduced. For example, as described in the foregoing 
description, because of an individual's unfamiliarity with medical terms, an individual 
may not be able to provide information, such as tests performed, to a new provider. 
As a result, the new provider may perform a test again, a process which may result in 
additional costs for the payer, such as an insurance company. With the present 
invention, however, the new provider will be able to quickly retrieve the individual's 
health information, including tests performed, from the card if the provider is not 
connected to the health management system 106 and/or database 340 if the provider is 
connected to the health management system 106 and thus, may not need to perform 
tests again even if the individual is unfamiliar with medical terms. 
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drug to, an is ^ t0 by ^ fte ^ ^ ^ ^ ^ 

iong as ft. infonnation b ^ on fc ^ „ ^ ^ ^ 

pnva,e ^ be ^ fer example _ by gMng a ^ ^ ^ 

*«.rt,M#* H-- , kl(|ta|i 
placing to automation tokm of ^ ^ ^ ^ ^ ^ ^ 

metods of accessing — l-tah^,,,,,^.^^ 
art and an; also v»ithin the scope of the prescn, invention. 

Yet another advance of to present invention is to, i, identifies to 
individoa, and reduces fraud. For exarnp,, ^ to ^ invention> „ 

n^no.usea^ve.spayercard.oob.ainheaJn.caseservicestaap.ovider 

Individ,* card bate any infonnation can be refrievrf fron, it . * . ^ ^ 
to individua, ^vides bis infonnadon ,„ son,eone aise, fraud is onUTce,,. Moreover 
if biogenic antonticauon is usao, to individual „«, need „ autondca* by ni mS e,f 
and cannot provide such information to another. 

Sull another advantage of to present invention is to, an individual may use 

^eastiforototpn^as.suchasacretii.eardora.ib^cacd.Fn^ernto. 
another advantage is to. if „ bdividual lossK ^ ^ ^ 

individual, reconfc, to individual naav be able to quictly oblata . new ^ ^ ^ 
management system 106. 
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While the examples given in the foregoing description related to an individual, 

the present invention is not limited to the individual. For example, the present 
invention may be used in a similar manner for the individual's family members, such 
as a spouse. 

It will be apparent to those skilled in the art that various modifications and 
variations can be made in the system and method of the present invention and in 
construction of this invention without departing from the scope or spirit of the 
invention. 

Moreover, other embodiments of the invention will be apparent to those 
skilled in the art from consideration of the specification and practice of the invention 
disclosed herein. It is intended that the specification and examples be considered as 
exemplary only, with a true scope and spirit of the invention being indicated by the 
following claims. 
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WHAT TS PT ,AIMF,n TS» 

I for identifi/infY j , . 

i managing health 



I- A method for identifying an individual and , 



records of the individual, comprising the steps of: 

storing health data of an individual on a storage medium, 

loggmgmtomestomgememumtomanagemehealmdatastored 
storage medium; and 

managing the health data on the storage medium. 

2- The method of claim 1, further comprising the step of storing a 

3- The method of claim 2, wherein the health data includes public and 
private health data. 



4. Tie method of data 3, *« te ^ of slortag ^ ^ ^ 

indivM^oo.^^^^^^^^^^^^ 

with the private key. 



5- The method of claim 4, wherein the step of managing includes 

decrypting the private health data with the private key. 



6- The method of claim 1 , wherein the step of logging into the storage 

receiving authentication data from the individual; 
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comparing authentication data received from the individual with authentication 
data stored on the storage medium; and 

ensuring that the authentication data received from the individual matches with 
authentication data stored on the storage medium. 

7. The method of claim 6, wherein the authentication data may be 
chosen from user name and password and user name and biometric. 

8. The method of claim 1 , wherein the step of managing includes 
accessing and updating the health data. 

9. A system for identifying an individual and managing health records 
of the individual, comprising: 

means for storing health data of an individual on a storage medium, 
means for logging into the storage medium to manage the health data stored on 
the storage medium; and 

means for managing the health data on the storage medium. 

10. The system of claim 9, further comprising means for storing a 
private key associated with a certificate of the individual on the storage medium. 

11. The system of claim 1 0, wherein the health data includes public 
and private health data. 
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the private key. 



'3- A computer-readable medium containing instructions for causing a 

compmermpe.onnamemodforidenti.mganmdividu.andmanag^nea.m 
"cords of the individual, comprising me steps of: 

storing health on a ^ ^ 

^inginmmestoregemedimntomattagetheheaimda^oredonme 
storage medium; and 

managing the health dare on the ^ medillnL 

«• ^computer.^^^^ ,3,^^^ 

^^P^^^aco^^^ 
storage medium. 



* ^ c -PUter-^le m edi Um ofclai m i4, whercintheh ^ 
data includes public and private health data. 



16. 



^^^o^^dmdonaa^regem^ine.udea.hea.epof 
cncryptmg the private health data with the private key. 



^cotnpu t er-reada W ememumofela i m,„,„ hereinthesttpof 



17. 

«iij>run;i -reaaaDI 
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managing includes decrypting the private health data with the private key. 



1 8. The computer-readable medium of claim 1 3, wherein the step of 
logging into the storage medium to manage the health data stored on the storage 
medium includes the steps of: 

receiving authentication data from the individual; 

comparing authentication data received from the individual with authentication 
data stored on the storage medium; and 

ensuring that the authentication data received from the individual matches with 
authentication data stored on the storage medium. 

1 9. The computer-readable medium of claim 1 8, wherein the 
authentication data may be chosen from user name and password and user name and 
biometric. 

20. The computer-readable medium of claim 13, wherein the step of 
managing includes accessing and updating the health data. 

2 1 . The method of claim 1 , wherein the storage medium is chosen from 
a smart card and a magnetic stripe card. 

22. The method of claim 2 1 , wherein the storage medium may be used 
as a credit card. 
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the system of claim 9 wherein th~ 

' 2rem toe storage medium is chosen from 

a smart card and a magnetic stripe card. 



24. The system of claim 23 wherein tn» 

5 Wtierem ^ st °rage medium may be used 

as a credit card. 



25. ™eco mp „ to . re ^ lem ^ TOofcIata .^^.^^ 



26. The compuKr-readaWe m ed ilm of elai m 25, wherein „» ^ 
medium may be used as a credit card. 
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